Method and device for controlling access request on basis of proxy gateway

A technology of access request and proxy gateway, which is applied in the field of communication, can solve problems such as attacks and data cannot be processed, achieve flexible protection measures, and improve security and flexibility.

Active Publication Date: 2015-01-28
NANJING ZHONGXING XIN SOFTWARE CO LTD
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, the https (referring to the http service encrypted with TLS) proxy service has its own defects, that is, the HTTP CONNECT proxy server is a proxy server that allows users to establish a TCP connection to any port, which means that this proxy can not only be used for http Proxy service can also be used for FTP, IRC, RM streaming services, etc., and can even be used for scanning and attacking. For example, the terminal can take advantage of the defect that the WAP gateway cannot process Https request data, and use the HTTP CONNECT proxy to monitor important systems of the WAP gateway. Scanning, attacking, etc.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for controlling access request on basis of proxy gateway
  • Method and device for controlling access request on basis of proxy gateway
  • Method and device for controlling access request on basis of proxy gateway

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0018] In order to realize the control of the proxy gateway to the Https access request, prevent the terminal from performing abnormal operations on the proxy gateway through the TLS tunnel, thereby improving the security of the proxy gateway application system, in the embodiment of the present invention, the proxy gateway receives the terminal to establish a TLS connection. https access request, the https access request carries at least a 2-tuple control parameter, and the proxy gateway judges whether the 2-tuple control parameter carried by the received https access request is legal according to the preset screening strategy, and if so, allows the terminal Establish a TLS connection through the https access request; otherwise, reject the terminal to establish a TLS connection through the https access request.

[0019] In the embodiment of the present invention, the so-called proxy gateway can be a WAP gateway or a WEB gateway, and the so-called two-tuple control parameter can...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention relates to the field of communications, and provides a method and apparatus for controlling an access request based on a proxy gateway, for improving the security of a proxy gateway application system. wherein the method comprises: an proxy gateway receives a Hypertext Transfer Protocol Secure (HTTPS) access request for establishing a Transport Layer Security (TLS) connection transmitted by a terminal; based on a preset sifting policy, the proxy gateway judges whether 2-tuple control parameters carried in the HTTPS access request are legal, if yes, the terminal is allowed to establish the TLS connection through the HTTPS access request, or else the terminal is rejected to establish the TLS connection through the HTTPS access request. Thus, the HTTPS access request for establishing the TLS connection can be flexibly managed and controlled by using the preset 2-tuple control parameters, the illegal TLS connection is effectively blocked off, more flexible protection measures are provided for the proxy gateway application system, and the security and flexibility of service control flow of the proxy gateway are improved.

Description

technical field [0001] The invention relates to the communication field, in particular to a method and device for controlling based on Https access requests. Background technique [0002] With the development of Internet technology, users' demand for larger-scale and richer-form services on the Internet is also growing. At present, WAP (Wireless Application Protocol, wireless application protocol) gateway is usually used as the Internet proxy of terminal users. The most basic function of WAP gateway is to act as a proxy server for terminals, proxying terminals to access WAP websites and Internet content, and providing basic http proxy services And the protocol conversion function of WAP1.x. In order to protect the user's private data, the WAP gateway provides an encrypted data access channel requested by https, called the TLS (Transport Layer Security Protocol, Transport Layer Security Protocol) tunnel, and the user negotiates the key through the two ends of the TLS tunnel....

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/08
CPCH04L63/166H04L63/168
Inventor 郭孟振黄晓兵海永军
Owner NANJING ZHONGXING XIN SOFTWARE CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap